Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
d64417efc2f9cdac087ed24241c32ea6e972024ee7a05b6c5f1a001fd3534e62
-
Size
934KB
-
Sample
231011-y1w4qscf45
-
MD5
b8819997a74132370ddd92cc57a26969
-
SHA1
23fd7702316f1c4a9a1e0b7a44a9fd96d21a911b
-
SHA256
d64417efc2f9cdac087ed24241c32ea6e972024ee7a05b6c5f1a001fd3534e62
-
SHA512
73160cc685a6165f2d7305006bae5b3dbd54499c94bbd09ea9d692466192e1dcb4daba868c05adbc761b08149a14d03f3e478a0f45a7ce498b879ac500e30c65
-
SSDEEP
24576:FyJlmmXDP1rkCO5HOBS6lJ4LhYz8W135OF9wU:gJZ4RHkLYw13U
Static task
static1
Behavioral task
behavioral1
Sample
d64417efc2f9cdac087ed24241c32ea6e972024ee7a05b6c5f1a001fd3534e62.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
d64417efc2f9cdac087ed24241c32ea6e972024ee7a05b6c5f1a001fd3534e62.exe
Resource
win10v2004-20230915-en
Malware Config
Extracted
redline
kendo
77.91.124.82:19071
-
auth_value
5a22a881561d49941415902859b51f14
Targets
-
-
Target
d64417efc2f9cdac087ed24241c32ea6e972024ee7a05b6c5f1a001fd3534e62
-
Size
934KB
-
MD5
b8819997a74132370ddd92cc57a26969
-
SHA1
23fd7702316f1c4a9a1e0b7a44a9fd96d21a911b
-
SHA256
d64417efc2f9cdac087ed24241c32ea6e972024ee7a05b6c5f1a001fd3534e62
-
SHA512
73160cc685a6165f2d7305006bae5b3dbd54499c94bbd09ea9d692466192e1dcb4daba868c05adbc761b08149a14d03f3e478a0f45a7ce498b879ac500e30c65
-
SSDEEP
24576:FyJlmmXDP1rkCO5HOBS6lJ4LhYz8W135OF9wU:gJZ4RHkLYw13U
Score10/10-
Detect Mystic stealer payload
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-